rpms/s390utils/F-11 0022-fix-string-overflow-in-vtoc_volume_label_init.patch, NONE, 1.1 s390utils.spec, 1.5, 1.6
Dan Horák
sharkcz at fedoraproject.org
Thu Sep 24 08:48:10 UTC 2009
- Previous message (by thread): rpms/perl-Nagios-Plugin-Beanstalk/F-11 import.log, NONE, 1.1 perl-Nagios-Plugin-Beanstalk.spec, NONE, 1.1 .cvsignore, 1.1, 1.2 sources, 1.1, 1.2
- Next message (by thread): rpms/s390utils/devel 0022-fix-string-overflow-in-vtoc_volume_label_init.patch, NONE, 1.1 s390utils.spec, 1.4, 1.5
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: sharkcz
Update of /cvs/pkgs/rpms/s390utils/F-11
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv25890
Modified Files:
s390utils.spec
Added Files:
0022-fix-string-overflow-in-vtoc_volume_label_init.patch
Log Message:
* Thu Sep 24 2009 Dan Horák <dan[at]danny.cz> 2:1.8.1-4
- fixed string overflow in vtoc_volume_label_init (#525318)
0022-fix-string-overflow-in-vtoc_volume_label_init.patch:
vtoc.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
--- NEW FILE 0022-fix-string-overflow-in-vtoc_volume_label_init.patch ---
>From 664ab55f566e46c31806b25a976dea444a7976a3 Mon Sep 17 00:00:00 2001
From: =?utf-8?q?Dan=20Hor=C3=A1k?= <dan at danny.cz>
Date: Thu, 24 Sep 2009 09:12:39 +0200
Subject: [PATCH] fix string overflow in vtoc_volume_label_init
Originaly it tries to copy a 84B string into 4B field and reset also
the other fields thru the overflow. This doesn't work with recent GCC
and the security-related compile flags that are used in Fedora.
---
libvtoc/vtoc.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/libvtoc/vtoc.c b/libvtoc/vtoc.c
index 62a02a0..cebd5a4 100644
--- a/libvtoc/vtoc.c
+++ b/libvtoc/vtoc.c
@@ -326,7 +326,7 @@ void vtoc_volume_label_init (volume_label_t *vlabel)
{
sprintf(buffer, "%84s", " ");
vtoc_ebcdic_enc(buffer, buffer, 84);
- strncpy(vlabel->volkey, buffer, 84);
+ memcpy(vlabel, buffer, 84);
}
--
1.6.3.3
Index: s390utils.spec
===================================================================
RCS file: /cvs/pkgs/rpms/s390utils/F-11/s390utils.spec,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -p -r1.5 -r1.6
--- s390utils.spec 3 Sep 2009 09:54:42 -0000 1.5
+++ s390utils.spec 24 Sep 2009 08:48:08 -0000 1.6
@@ -8,7 +8,7 @@ Name: s390utils
Summary: Utilities and daemons for IBM System/z
Group: System Environment/Base
Version: 1.8.1
-Release: 3%{?dist}
+Release: 4%{?dist}
Epoch: 2
License: GPLv2 and GPLv2+ and CPL
Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -45,6 +45,7 @@ Patch18: 0018-s390-tools-1.8.1-ziomon-n
Patch19: 0019-s390-tools-1.8.1-lsluns-disk-enc.patch
Patch20: 0020-s390-tools-1.8.1-cpuplugd-cmminit.patch
Patch21: 0021-s390-tools-1.8.1-lszfcp-perf.patch
+Patch22: 0022-fix-string-overflow-in-vtoc_volume_label_init.patch
Patch100: cmsfs-1.1.8-warnings.patch
Patch101: cmsfs-1.1.8-kernel26.patch
@@ -122,6 +123,9 @@ be used together with the zSeries (s390)
# Check only ZFCP devices in lszfcp (#518669)
%patch21 -p1 -b .lszfcp-perf
+# Fix string overflow in vtoc_volume_label_init (#525318)
+%patch22 -p1 -b .vtoc-label
+
#
# cmsfs
#
@@ -766,6 +770,9 @@ User-space development files for the s39
%changelog
+* Thu Sep 24 2009 Dan Horák <dan[at]danny.cz> 2:1.8.1-4
+- fixed string overflow in vtoc_volume_label_init (#525318)
+
* Thu Sep 3 2009 Dan Horák <dan[at]danny.cz> 2:1.8.1-3
- create devel subpackage with some useful headers
- preserving timestamps on installed files
- Previous message (by thread): rpms/perl-Nagios-Plugin-Beanstalk/F-11 import.log, NONE, 1.1 perl-Nagios-Plugin-Beanstalk.spec, NONE, 1.1 .cvsignore, 1.1, 1.2 sources, 1.1, 1.2
- Next message (by thread): rpms/s390utils/devel 0022-fix-string-overflow-in-vtoc_volume_label_init.patch, NONE, 1.1 s390utils.spec, 1.4, 1.5
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list